Skip to main content

Refine focus

By scanning your entire git history, or simply due to your software development activity, you could have many incidents on your GitGuardian dashboard. Decreasing the number of incidents and focusing only on those that matter most is therefore key.

Exclude filepaths#

Only applies to secrets incidents.

Description#

In your workspace settings, under the Secrets detection section, you can configure the filepaths you want to exclude from secrets detection. These excluded filepaths will be applied to all repositories monitored by GitGuardian.

When a secret is leaked on an excluded filepath:

  • you will not receive any notification,
  • no incident will be created in your dashboard.

Note that newly created filepath exlusions will also apply to existing secret incidents and these would therefore be removed from your secret incidents table.

Filepath exclusion

You have the ability to test a filepath against your exclusion list to verify your configuration.

Filepath format#

The filepath format is a subset of the glob-style pattern. It uses the “/” character to separate each element of the path (POSIX norm), and allows the special “*” character as a wildcard. Additionally, the “**” sequence can be used to recursively match any number of directories.

PATTERNCORRESPONDING REGEXMATCHESNON-MATCHES
test.pytest\.py$src/tests/test.pysrc/test/file.py
src/test.py/README
tests/*.pytests/([^/]+)\.py$src/tests/test.py
src/tests/file.py
src/test.py
src/test.txt
/tests/*.py^tests/([^/]+)\.py$tests/test.pysrc/tests/test.py
/*/test.py^([^/]+)/test\.py$src/test.pytest.py
src/tests/test.py
src/**/test.pysrc/([^/]+/)*test\.py$src/test.py
src/dir1/dir2/dir3/test.py
dir1/src/test.py
dir1/dir2/dir3/test.py
/src/**/test.py^src/([^/]+/)*test\.py$src/test.py
src/dir1/dir2/dir3/test.py
dir1/src/test.py
**/templates/templates/templates/file.html
src/templates/file.html
src/file.html

If you misuse the glob-style pattern, GitGuardian will automatically correct your input. For instance:

  • src/**/**/**/tests/ will be corrected to src/**/test
  • **/src/** will be corrected to src/

Configure your secret detectors#

In your workspace settings, under the Secrets detection section, you can choose to deactivate detectors if you wish to.

When you deactivate a detector:

  • you will not receive a notification for incidents that this detector raises,
  • incidents for deactivated detectors will not be displayed in your dashboard. However, the detector will still detect and store such incidents shall you reactivate the detector later.

Secrets detectors list